According to Allianz, cyber incidents ranked as the number one risk (opens a new window) for businesses in 2025, including cyber-crime, IT network disruption and service disruption, malware, data breaches, and cyber-related fines and penalties. But while cyber insurance offers a reliable form of protection against the costs of an attack, take up among smaller businesses remains low.
In this article, our experts consider why businesses should protect themselves against attacks, what cyber insurance has to offer your business, and other key questions.
Who needs cyber insurance?
Cyber criminals target businesses of all sizes, in all industries, and in all parts of the world. Just as organisations embrace new technologies, cyber criminals are using artificial intelligence (AI) and other tools to commit increasingly sophisticated cyber-crimes. Complex supply chains and rising geopolitical tensions are increasing the likelihood of attacks.
SMEs are particularly likely to benefit from cyber insurance. Unlike larger organisations, SMEs typically run a lean operation in which cyber investments are unlikely to be a major business priority. A policy that offers access to specialised cybersecurity professionals and resources can be invaluable for an SME when it comes to withstanding and recovering from a cyber-attack.
The benefits of cyber insurance
Cyber liability insurance offers protection against the costs of a cyber-attack and/or a data breach, enabling businesses to reduce their risk exposure. A comprehensive cyber policy typically includes:
First-party coverage – to cover the costs of investigating and recovering from a cyber incident, a data breach or a violation of privacy laws.
Third-party coverage – to cover any claims made against the business by third parties, including costs and expenses (including legal fees), as a consequence of a cyber incident, data breach or violation of privacy laws.
Cyber insurance can also include access to a suite of services, available throughout the entire duration of the policy. Many of these solutions can be deployed immediately in the wake of a cyber-attack to limit the impact of an incident, including:
Breach response assistance
Business interruption support
Specialised forensics consultancy
Public relations support
Call centre support
However, despite the benefits of cyber insurance, many businesses are still without adequate protection. According to Swiss Re (opens a new window), just 10% of SMEs have adopted cyber insurance. Smaller businesses are less likely to be insured than medium or large businesses, and less likely to review the risks posed by their immediate suppliers (opens a new window).
How much does cyber insurance cost?
Cyber insurance is an increasingly cost-effective option for many businesses when compared to the potential cost of a cyber breach. However, each policy will respond differently, with pricing dependent on a firms’ individual risk profile. Factors influencing the cost of cyber insurance:
Size of the business
The types of data held, and in what volume
Cyber security measures in place
Employee numbers
Specific coverages purchased
Minimising the cost of cyber insurance
By taking steps to improve their cyber security, businesses will be able to demonstrate to insurers that they are proactively managing risk. This can help to reduce the cost of cyber insurance. Preparing for a cyber-attack doesn’t need to be complex. According to research (opens a new window) from the Association for British Insurers (ABI), around 97% of cyber-attacks could have been prevented by implementing basic and often free cyber security habits. Strategies to mitigate a cyber-attack include:
Implementing multi-factor authentication (MFA) for any form of remote access, admin and privilege-users accounts, and email accounts
Creating regular backups, to be stored offline or protected by MFA
Carrying out regular patching and critical patching within 72 hours
Conducting annual cyber security training for teams and staff
For more information on cyber insurance, and how it can benefit your business, reach out to a member of our team.
